<?php

namespace Modules\Chinadmin\Services;

use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Cache;
use Modules\Chinadmin\Models\AuthCompanyControllerModel;
use Modules\Chinadmin\Models\AuthRoleControllerModel;
use Modules\Chinadmin\Models\ControllerModel;
use Modules\System\Services\Mds\MDSString;

/**
 * 登录
 */
class AuthServices
{
    /**
     * 全部小写
     * 需要 menu,但是不需要进行权限判断的路由
     */
    static public $needMenu = [
        '/chinadmin/admin/index/menutree',
    ];

    /**
     * 全部小写
     * 需要权限判断的路由
     */
    static public $noAuth = [
        '/chinadmin/admin/main/index',          //首页
        '/chinadmin/admin/user/login',          //登录
        '/chinadmin/admin/index/menutree',      //获取左侧列表
        '/chinadmin/admin/index/index',         //主前端框架
        '/chinadmin/admin/user/logout',         //退出
        '/chinadmin/admin/form/update'         //修改表格宽度
    ];

    /**
     * 获取菜单权限信息,确定显示那些菜单
     */
    static public function authMenu($REQUEST_URI){

        //接口路由不判断登录状态。"/admin/"
        if(MDSString::contain($REQUEST_URI,'/admin/')){

            $user = Auth::guard('admin')->user();

            $AuthRole = [];
            if(empty($AuthRole)){
                //超级管理员取全部
                if($user['id'] == 1){
                    $AuthRole = ControllerModel::where("isMenu",1)
                        ->orderBy("sort","desc")
                        ->get();
                }else{

                    if($user['partner'] == 2){  //公司权限
                        //得到所有权限下的菜单
                        $AuthRole = AuthCompanyControllerModel::leftJoin('ca_controller','ca_auth_company_controller.controller_id','=','ca_controller.controller_id')
                            ->where("ca_controller.isMenu",1)
                            ->whereIn("ca_auth_company_controller.role_id",explode(",",$user['company_id']))
                            ->orderBy("sort","desc")
                            ->get();

                    }else{
                        //得到所有权限下的菜单
                        $AuthRole = AuthRoleControllerModel::leftJoin('ca_controller','ca_auth_role_controller.controller_id','=','ca_controller.controller_id')
                            ->where("ca_controller.isMenu",1)
                            ->whereIn("ca_auth_role_controller.role_id",explode(",",$user['role_id']))
                            ->orderBy("sort","desc")
                            ->get();
                    }

                    //去重
                    $AuthRole = $AuthRole->unique('controller_id');

                }
            }
            Cache::put('AuthRole',$AuthRole,3600);

            //进行权限判断
            self::authJudge($AuthRole);

        }

    }

    /**
     * 权限判断，判断用户可以打开那些控制器
     */
    static public function authJudge($AuthRole){

        if(empty($user)){
            return redirect('login');
        }
        //判断权限
        if(empty($user['role_id'])){
            mdsResponse(400,"您的账号没有指定角色，请联系总管理员");
        }
        //暂时没有添加create权限，添加了以后这里需要改动下
        $uri = str_replace("create","index",str_replace("/index.php","",explode("?",$_SERVER['REQUEST_URI'])[0]));
        //超级管理员不做检查
        if($user['id'] != 1){
            if(empty($AuthRole) || !(in_array($uri,$AuthRole->pluck("route")->toArray()))){
                mdsResponse(400,"您没有权限!");
            }
        }

    }

}

